Conceptual Framework for Legal and Risk Assessment of Crypto Tokens
1 for all. Legal | Tax | Compliance
Classification of decentralized blockchain-based assets
May 1st, 2018"Block 2" Version
1
Executive Summary
“Block 2” Version – May 1st, 2018
The age of tokenized ecosystems has begun, the shift from centralized to decentralized blockchain-based
creations and the transfer of assets is ongoing. Our current world is full of different asset classes ranging
from money (in a narrow sense) to gold, real estate, securities, intellectual property ("IP") etc., many of
which are difficult to physically trade or subdivide. Distributed ledger technology, or more specifically
blockchain technology, is increasingly providing solutions to this problem.
Blockchain technology can design digital information units that contain elements of a property right (ac-
cording to civil law concepts) to which an owner has direct and exclusive access that can be defended
against third parties (right in rem). It contains the tools to program a unique set of information that attrib-
utes a property right and enables a secure and registered public transfer of the new type of digitally-de-
fined property: Blockchain Crypto Property (“BCP”).
In addition, the introduction of Smart Contract Systems (“SCS”) at the application level of the blockchain
has added immutable functions and property terms to BCPs, enabling not only the execution of bilateral
and multilateral programs in accordance with contractual terms and conditions, but also the ability to
create co-ownership like organizations. A BCP is therefore defined as a digital property that can be regis-
tered on the blockchain, in addition, it may carry out coded functions governed by an SCS, following coded
or manual input by an agreed party (called an “Oracle”).
In order to consistently assess the legal and tax implications, associated risks and investment suitability
of BCPs in the tokenized ecosystem, a reliable classification model and risk assessment criteria are indis-
pensable. By applying an assessment method based on functionality, rather than on a particular country’s
legal concepts, the classification and risk assessments can be considered in all jurisdictions, regardless
of national legal and regulatory frameworks. Though the BCP classification may ultimately lead to different
regulatory treatments in each jurisdiction, it may facilitate the multijurisdictional understanding of exist-
ing and new applications in the tokenized ecosystem, as well as identify coins which may not have the
essential characteristics of digital property (i.e. not a BCP). The objective of the risk assessment and re-
sulting BCP rating is to increase awareness and serve as a basis for establishing governance and diligence
standards for all aspects of creating, offering, transferring and holding tokens.
With the above in mind, a “Conceptual Framework for a Legal and Risk Assessment of Blockchain Crypto
Property” was developed. The current "Block 2” version includes several amendments to the initial genesis
version from September 2017, including a more detailed classification and Token development stages.
This paper will:
- provide functional classification leading to three different BCP Classes;
- introduce three BCP Development Stages; and
- provide a risk assessment model for BCP, resulting in BCP Risk Categories.
Dr. Luka Müller, Dr. Andreas Glarner, Thomas Linder, Stephan D. Meyer,
Prof. Dr. Andreas Furrer, Christine Gschwend and Peter Henschel
2
1. Functional Token Classification
BCP Classification and Risk Assessment Method
BCP Class 1
Native Utility Tokens
No legal counterparty
BCP Class 2
Counterparty Tokens
Natural/legal person as counterparty
BCP Class 3
Ownership Tokens
Right in rem
Op
era
tio
na
l
BC
P
Pre
-O
pe
rati
on
al
BC
P
Pre
-B
CP
Underlying Protocol
Market & Distribution
2. Risk Assessment
Functional & Legal Perspective
BCP Class 1 Risk Category B
Investor’s Perspective
Risk Extent
Risk Probability
Net Risk
Weighting of
Risk Factors
Risk Category
A, B, C, D and E
Token Functionality
Functionality & Protocol Risks
Storage & Access of PIK Risks
Regulation & Money Laundering Risks
Market & Counterparty Risks
BC
P D
ev
elo
pm
en
t S
tag
es
3
Definitions
Access and Intermediation: A user has direct access to BCP using his private key ("PIK"). The BCP is visible
on the protocol through the cryptographic address of the Public Key ("PUK"). Intermediary functions are
only possible through the transfer of single-signature or use of multi-signature private keys. Co-ownership
is made possible via immutable code-defined SCS functions that cannot be changed once released on a
protocol.
Blockchain Technology: A blockchain is a type of distributed ledger in the form of a continuously growing
list of records based on blocks, which are linked and secured using cryptographic signatures. Each block
typically contains a hash pointer as a link to a previous block, a timestamp and transaction data. Block-
chains are inherently resistant to data modification. From a functional perspective, a blockchain can serve
as an open, distributed ledger that can record transactions between two parties (accounts) efficiently and
in a verifiable and permanent way.
Distributed Ledger Technology: Database of replicated, shared and synchronised information that is
shared in a decentralized manner among network users.
Input and Output Function (Conditions): These functions allow the BCP to interact with other BCPs or ex-
ternal data. The input and output functions are governed by an SCS, following coded or manual input by
an agreed third party (called an “Oracle”).
Platform(s): A platform allows transactions where BCP can be created and/or transferred via protocols.
There are infrastructure platforms such as Ethereum (“Infrastructure Platforms”) and specific user plat-
forms built on such infrastructure platform (“Application Platforms”). Platforms frequently include an in-
built algorithm for creating, transacting and burning digital units.
Registration Function (Terms): This function defines the legal nature of the BCP. There are basically three
categories: (1) property right of an account entry (e.g. of a Bitcoin), (2) derivative of a property right leading
to a legal right against a counterparty (share in a legal entity or fund, real estate, movable item, registered
IP); and (3) a direct property (e.g. on IP).
Smart Contract System: The SCS is a distributed-ledger-based computer protocol intended to define, ver-
ify and enforce the functions of a BCP.
Tokenizing: A BCP can include two sets of functions: (1) registration functions (“terms”); and (2) input and
output functions (“conditions”). Tokenizing is the programming of all or part of these functions to a BCP. A
Token will be issued and functional once released on a protocol.
Blockchain Crypto Property (“BCP”): (1) Digital information containing all elements of a property right
from a functional equivalence perspective, (2) that is registered on a blockchain or in an alternative dis-
tributed ledger, (3) which can be transferred via a protocol, and (4) that may (or may not) carry out addi-
tional functions governed by a SCS following coded and/or manual input. This document uses the term
BCP or Token, which is the term widely used by the blockchain community.
d
4
Introduction: Relevant Data
The BCP classification and risk assessment is based on an analysis of the underlying protocol, market-
related data and token functionality.
The data examined will represent the basis not only for the functional classification and risk assessment,
but also for the resulting BCP rating.
Underlying Protocol Data
The first part, the evaluation of the underlying Token protocol, involves a broad range of different technical
and conceptual aspects which may have an impact on the stability, security and/or proper function of the
BCP. Such aspects are the:
- blockchain protocol used;
- launch date (history of stability);
- timestamping and consensus model (proof of work/stake/authority/hybrid or different models);
- security
- governance model;
- hash algorithm (scrypt/SHA/others);
- number of full nodes;
- implementation of code based multi-signature PIK;
- possibility of transaction analysis (transparency vs. pseudonymity vs. anonymity);
- implementation of a unit cap or another deflation model;
- past hard-fork history and future planned hard-forks;
- IP rights on underlying protocol.
Market & Distribution Data
The market evaluation focuses on the financial key figures as well as on the availability and tradability of
the BCP. The financial data of BCP is analysed for a reference period of the last 30 and 180 days and is set
in relation to Bitcoin ("BTC") as the first BCP. Therefore, relevant factors are the:
- current market cap;
- exchange listings (number of listings, importance of exchanges);
- price high/low (30d & 180d & in relation to BTC);
- historical volatility (30d & 180d & in relation to BTC);
- trading volume high/low (30d & 180d & in relation to BTC);
- market cap high/low (30d & 180d & in relation to BTC).
Underlying Protocol
Market & Distribution
Functionality
5
The distribution data relates to aspects of pre-functional/functional Tokens as well as the contribution
structure (public and/or private sales). They further include information regarding the method of contribu-
tion, cross-border aspects as well as issuing structure and governance. Relevant points are the:
- early contribution, pre-sale, pre-financing, pre-allocation, community allocation methods;
- price finding mechanism, contribution cap;
- issuing legal structure;
- transactional types and duties;
- Anti-money laundering ("AML"), contributor suitability compliance;
- cross-border offering;
- distribution control;
- SCS/code audit;
- governance.
Functional Data
The functional evaluation of the BCP is of high importance for the classification of the BCP. Relevant func-
tional aspects are the:
- use of the registration function and conditions;
- existence of underlying assets (IOUs, shares or others); and
- target use of the BCP (e.g. medium of exchange, unit of account and store of value, access right to infra-
structure, access right to application/ownership definer)
6
Functional BCP Classification
This framework proposes a classification of Tokens or BCPs based on their function or target use. Key el-
ements that further define the classification include the existence and type of counterparty along with the
presence of an underlying asset or value. For example, if the Token includes some form of asset and a
counterparty, it will have significant legal and regulatory differences compared to a native “currency-like”
Token. As defined above, all BCPs are transferable property that may carry out certain functions, including
the transfer of rights or revenue.
Categorizing tokens based on these criteria aims to clarify a Token holder’s rights, allowing the community
to precisely define a Token’s value, mitigate any risks and provide a supporting framework. Following the
above, our BCP distinguishes between three major classes of BCPs and Tokens:
BCP Class 1: Native Utility Tokens
BCP Class 1 Tokens can be transferred on a decentralized ledger from user 1 to user 2, but do not grant
any rights towards a counterparty. The owner of a Native Utility Token does not have any relative or
absolute right, except for the right relating to the Token itself.1 The fact that a Token might be used on a
specifc blockchain system, for example as “gas”, does not exclude it from being assigned to the BCP Class
1. The relevant criteria for this category is the lack of a relative right against a counterparty, such as the
Token generator or a third party. BCP Class 1 Tokens can be divided into the following four sub-classes:
(1) Basic Tokens
Basic Tokens are simple mediums of exchange, units of account and stores of value
without further functionalities. Examples of Basic Tokens are Bitcoin, Bitcoin Cash,
Litecoin, Monero or ZCash.
1 The right on the Token itself depends on the technical and conceptual model of the underlying blockchain. In
the case of blockchains based on unspent transaction outputs (UTXO) such as Bitcoin, those UTXO might be
seen as the units of value. In account-based-blockchain-models such as Ethereum a user would have a right
on the (externally owned) account linked to a specific asymmetric key pair.
No legal counterparty Natural/legal person
as counterparty Right in rem
BCP Class 1 BCP Class 2 BCP Class 3
Native Utility Tokens Counterparty Tokens Ownership Tokens
7
(2) Infrastructure Access Tokens
In addition to acting as mediums of exchange, units of account and stores of value,
Infrastructure Access Tokens provide the possibility to use a specific blockchain
infrastructure or technology that does not exclusively refer to peer-to-peer
payments. Examples of Infrastructure Access Tokens are Ether, Ether Classic,
Cardano, Lisk, ICON, EOS.
(3) Application Access Tokens
Application Access Tokens provide access to a specific application or business
platform and essentially function like an alternative password using SCS func-
tions. Usually, Application Tokens are not based on an independent blockchain but
use existing infrastructure (e.g. Ethereum). Simple Application Access Tokens
without a settlement function (see sub-class (4) Application Settlement Tokens)
are currently rare. An example is a Wings Token.
(4) Application Settlement Tokens
Application Settlement Tokens combine all functionalities of Application Access
Tokens with the purpose of a settlement instrument. They serve as means of
payment in a peer-to-peer transaction that takes place within specific business
applications or platforms. An example of an Application Settlement Tokens are
Siacoins, Filecoins and Mysterium.
BCP Class 2: Counterparty Tokens
The second category, BCP Class 2, refers to Tokens which include any form of a relative right against a
third-party. The relative right might be a (legal) right to use the Token generator’s services, a right to receive
a financial payment, a right to receive an asset or a bundle of shareholder’s right.
Based on the different characteristics of these relative rights, we distinguish between the following sub-
classes in our BCP Class 2: (1) IOU Tokens, (2) Derivative Tokens, (3) Fund Tokens, (4) Equity Tokens, and (5)
Membership Tokens.
(1) IOU Tokens
IOU Tokens represent any forms of a debt or claim against the token holder or a
third party. Examples of such an underlying claim can be the:
- payment of a specific amount;
- participation in future income;
- delivery of a material or immaterial asset;
- usage right of an infrastructure; or
- right to receive services.
Typically, the details of the debt are part of a separate contract between the Token buyer and the Token
generator. Examples are Tokens on the Lykke Marketplace. Moreover, all "utility tokens" outside of BCP
Class 1 which include a relative right against a counterparty and do not fit within the other categories of
BCP 2 are classified as IOU Tokens.
8
(2) Derivative Tokens
Derivative Tokens are a special form of the above-mentioned IOU Tokens. Because
of their specifically regulated existence, they form a separate sub-class in our clas-
sification model. The value of the claim derives from an underlying base value, for
example gold, Swiss Francs etc. An example of a Derivative Token is Modum.
(3) Fund Tokens
Fund Tokens represent shares of a collective investment fund centrally managed
by a natural or legal person (if the management of the funds is decentralized, the
Token might be classified as Tokens within BCP Class 3). The managed assets can
be on or off a blockchain.
(4) Equity Tokens
The fourth sub-class in BCP Class 2, Equity Tokens, relate to tokenized shares and
shareholders’ rights.2 The Token represents membership rights in a corporation as
well as associated asset rights, such as the right to receive dividend payments.
(5) Membership Tokens
Membership Tokens represent a simple personal membership right, for example in
an association or a club. In contrast to Equity Tokens, Membership Tokens are not
related to shares of a corporation.
BCP Class 3: Ownership Tokens
The third category, BCP Class 3, includes cases in which the Token provides technical, SCS based owner-
ship rights in assets. The purpose of a BCP Class 3 token is to transfer rights of associated assets by trans-
ferring the Token. These assets can include IP rights (e.g. copyright) and may also include material objects
in certain jurisdictions. In contrast to BCP Class 2, BCP Class 3 Token holders do not have a claim or relative
rights against a counterparty. Rather, BCP Class 3 Tokens provide absolute rights (erga omnes) in the form
of a right in rem of the associated assets.
Depending on the specific ownership model, we can distinguish between (1) Joint-Ownership Tokens, (2)
Co-Ownership Tokens and (3) Sole-Ownership Tokens.
2 In Switzerland, daura AG, a joint venture project of Swisscom and MME, is currently developing the legal, technical and op-
erational possibilities to trade shares on blockchains; see C-Share introduction video on:
https://www.youtube.com/watch?v=FRCK6EEbYnY.
9
(1) Joint-Ownership Tokens
Joint Ownership Tokens relate to situations in which two or more individuals
jointly own property. Each owner owns the whole asset and only the community of
all owners together can dispose of the tangible or intangible property. In civil law
jurisdictions, this concept of ownership in German is known as "Gesamteigen-
tum".
(2) Co-Ownership Tokens
Co-Ownership Tokens provide ownership of a certain fraction, usually a percent-
age, of an asset. Each owner has the right to dispose individually his or her specific
property fraction. In civil law jurisdictions, this fractional ownership model in Ger-
man is known as "Miteigentum".
(3) Sole-Ownership Tokens
Sole-Ownership Tokens refer to situations in which the assets linked to the To-
kens are divisible and separable. In this case, every Token holder is the sole owner
of a specific asset. The sole ownership is referred to in German as "Alleineigen-
tum".
10
Functional BCP Classification Overview
BCP Class 1 - Native Utility Tokens 2 - Counterparty Tokens 3 - Ownership Tokens No legal counterparty (decentralized ecosystem) Natural/legal person as counterparty (relative right) Right in rem (absolute right)
BCP Sub-
Class
Basic
Tokens
Infra-
structure
Access
Tokens
Application
Access
Tokens
Application
Settlement
Tokens
IOU Tokens Derivative
Tokens Fund Tokens
Equity
Tokens
Membership
Tokens
Joint-
Ownership
Tokens
Co-
Ownership
Tokens
Sole-
Ownership
Tokens
FINMA
Equivalent
Payment
Tokens Payment and/or Utility Tokens
Payment,
Utility and/or
Asset Token
Asset Tokens n/a n/a
Fu
nc
tion
alitie
s
Medium of
exchange,
unit of ac-
count and
store of value
providing ac-
cess to an un-
derlying tech-
nology (1)
(1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1)
Access to en-
hanced func-
tionality in-
frastructure,
i.e. SCS or
burning
mechanisms,
without legal
claim against
a counter-
party
Access to de-
centralized
application or
platform
without legal
claim against
a counter-
party (2)
(2)
Tokenization
of a claim
against a le-
gal counter-
party (e.g.
right to re-
ceive funds,
services or
use infra-
structure)
Tokenization
of a claim
Tokenization
of a fund
share
Tokenization
of a corporate
membership
Tokenization
of a personal
membership
Joint-owner-
ship of an as-
set, i.e. IP
Co-ownership
of an asset,
i.e. IP
Sole-owner-
ship of an as-
set, i.e. IP
Use as P2P
settlement
instrument
on an
application /
platform
Value derives
from an un-
derlying on-
or off-chain
base value
Equity related
shareholder's
and financial
rights
Underlying
Value None None None None Debt / Claim
Derivative
(debt) Fund share Equity share
Personal
membership
right
Ownership of
an asset
Ownership of
an asset
Ownership of
an asset
Examples
Bitcoin,
Bitcoin Cash,
Litecoin,
Monero,
ZCash
Ether, Ether
Classic,
Cardano, Lisk,
ICON, EOS
Wings
Siacoins,
Mysterium,
Filecoin
Lykke Colored
Coins, "Utility
Tokens" with
counterparty
Modum Blockchain
Capital
Daura
C-Shares tba tba tba tba
11
BCP Development Stages
Functionality is the basis for the BCP classification introduced above. Therefore, all three BCP Classes refer to
functional tokens. However, many Tokens will not be functional from the moment a contribution is made in the
context of a Token Generating Event ("TGE"), also known as an Initial Coin Offering ("ICO"). In some cases, early
investors may be granted a right to receive a future BCP. In order to provide greater transparency into the rights
and obligations generated at various stages of a Token’s creation, distribution or exchange, this analysis adds
three development stages to the BCP Framework which defines the various development layers and maturities
of the related protocol, application, business or projects associated with a BCP.
The following stages have been identified:
(1) Pre-BCP
The first development stage refers to situations in which contributions are recorded centrally by a legal entity or
decentrally on a blockchain, but do not result in the receipt of a Token. A contribution can be registered within a
protocol or any other distributed or centrally managed ledger entry but is not transferable. For example, a project
team could save all contributor addresses and future application wallets on the Bitcoin Blockchain or within an
Ethereum SCS and undertake to allocate future tokens accordingly. At this stage, a contributor has no transfer-
able assets on a distributed ledger. He can only transfer the wallet data bilaterally and off-chain. Therefore, the
ledger entry for a proposed future Token allocation does not fulfil the transferability requirement of our BCP def-
inition. The same applies to constellations in which a contributor receives a passphrase allowing him to access
future BCPs.
(2) Pre-Operational BCP
Tokens which are transferable via a protocol, but cannot yet offer their intended utility on the network are cate-
gorized as “pre-operational” Tokens. Such Tokens are often listed and traded on a secondary market exchanges.
Within this category, we distinguish between BCP Voucher Tokens, which need to be converted into separate To-
kens, and pre-operational Tokens, which requires a completion of the underlying protocol, the infrastructure
and/or the application.
Pre-operational Tokens fulfil the definition of BCP (i.e. the transferability) but lack the intended target utility.
(3) Operational BCP
This stage refers to BCPs which operate in accordance with the intended design.
Operational BCP can be classified into the BCP classes 1 to 3 and its specific sub-classes.
12
BCP Development Stages Overview
Basic
Tokens
Infrastructure
Access
Tokens
Application
Access
Tokens
Application
Settlement
Tokens
IOU Tokens Derivative
Tokens Fund Tokens Equity Tokens
Membership
Tokens
Joint-
Ownership
Tokens
Co-
Ownership
Tokens
Sole-
Ownership
Tokens
BCP Class 1 -
Native Utility Tokens
BCP Class 2 -
Counterparty Tokens
BCP Class 3 -
Ownership Tokens
Pre
-B
CP
B
CP
Pre-Operational Token
=Final Project Token
(Final but pre-operational BCP,
transferable via a protocol,
e.g. as ERC20 token)
Ledger Entry or Passphrase
=pre-BCP
(Record of contribution on, but not transferable via a protocol or
any other (distributed or centrally managed) ledger entry)
Pre
-o
pe
rati
on
al
BC
P
Op
era
tio
na
l
BC
P
BCP Voucher Token
=Independent Token
(Conversion function into
separate project related BCP,
transferable via a protocol,
e.g. as ERC20 token)
13
Risk Assessment
The categorization of BCP in risk classes depends on the technical, legal and market risks associated with the
specific BCP.
Protocol Risks (Underlying Technology)
Risk of Security Weaknesses of the Underlying Technology: The BCP relies on open-source software with the in-
herent risk that a developer or other third parties may insert weaknesses or bugs into the underlying technology,
causing the system to lose BCP that is registered on the public ledger.
Risk of Weaknesses or Exploitable Breakthroughs in the Field of Cryptography: The development of cryptography
is continuing. Code cracking or technical advances such as the development of quantum computers, could pre-
sent risks to cryptocurrencies and the BCP, which may result in the theft or loss of BCP.
Risk of Underlying Technology Attacks: The underlying technology used for the BCP may be susceptible to various
and different network attacks, including but not limited to denial of service attacks and race condition attacks.
Any successful attacks present a risk for BCP transactions, i.e. the proper execution and sequencing.
Risk of Blockchain Consensus Attacks: The user must understand and accept that, as with other public block-
chain-based systems that rely on independent validators, the underlying technology may be susceptible to con-
sensus attacks, including but not limited to, double-spending, majority voting power and censorship attacks. Any
successful attack presents a risk to the BCP, expected proper execution and sequencing of BCP transactions.
Storage, Access of Private Key (PIK) Risks
Wallet System Risk: The BCP may be accessed by a wallet provider with one or several PIK stored in its storage
system. Certain PIK may also be stored by accredited service providers (e.g. a bank) to facilitate transfers. Users
in such cases will not be granted any access to the PIK. Moreover, the user must be aware that the value repre-
sented by the BCP is stored on a public ledger, which is neither the property nor under the control of a specific
legal person or user of the wallet.
Functionality & Protocol Risks
Storage & Access of Private Key Risks
Regulation & Money Laundering Risks
Market-Related & Counterparty Risks
Risk Extent
Risk Probability
Net Risk
Weighting of
Risk Factors Risk Category
A, B, C, D and E
14
Cyber Security Risk: Cyber security risk is defined as the risk of financial loss, disruption of business ac-
tivities or reputational damage resulting from absent or insufficient protection safeguarding information
technology systems (e.g. hacker attack, virus transmission and network downtime), poor change manage-
ment practices or leakage of information. Investors and users are the most exposed to risks of losing funds
by investing, storing, managing or transferring cryptographic tokens. Organizations must ensure they pro-
vide investors and users with the best tools and security protocols to protect them from theft, malfunc-
tions, and technical incompetence.
Risk of Insufficient User Wallet Encryption: User wallets should be encrypted with a strong password (a
minimum of 12 characters, containing alphanumeric, special characters such as uppercase letters,
spaces or symbols). A standard and well tested encryption algorithm should be used.
Risk of Insufficient User Wallet Backups: Users should be able to download an encrypted backup of their
keys.
Risk of Insufficient Contingency Tools: Users should not lose access to funds due to software malfunction-
ing. Users should contemplate potential network congestion.
Regulation and Money Laundering Risks
Regulatory Risks: Blockchain technologies have been the subject of regulatory scrutiny by various regula-
tory bodies around the globe. Regulatory risks vary depending on the Token generating structure, mecha-
nisms and classification. The generating and holding of BCP may impact regulatory inquiries or regulatory
action, which could impede or limit the ability to hold BCP and/or to generate BCP.
Money Laundering Risks: Where a Token Generating Event accepts and generates assets within the same
infrastructure (e.g. ETH – ETH), the buyer’s PUK can easily be traced and screened. Conversely, money
laundering risks are more likely to be present where Fiat currency is accepted in the initial Token genera-
tion without an AML and Know Your Customer ("KYC") pre-screening of the buyer, or when a Token is ex-
changed for another from a different infrastructure in the issuing processes, reducing the visibility of the
original PUK.
Following the initial Token generation, funds raised by a corporation may be misappropriated by individu-
als or groups where there are insufficient controls. Alternative business models that provide strong gov-
ernance, such as that of a Foundation, significantly reduces the risk of money laundering by ensuring in-
dependent audits and disclosure to authorities of fund management.
Finally, in daily trading, while the anonymity of the BCP sender’s true identity carries inherent risks for
money laundering abuse (the individual may be black-listed), the transaction history visible in a pseudon-
ymous system, such as Bitcoin or Ethereum, allows the recipient to complete a KYC/AML screening of the
entire history of the asset’s transfers.
Market-Related and Counterparty Risks
General Market Risks: Several market-related risks must be evaluated when issuing blockchain-based
products. Besides the market liquidity, market size/cap and listings on crypto exchanges, the potential
collusion of operators (“Operators”), market manipulation and challenges regarding market surveillance
must also be addressed.
15
Functional & Legal Perspective Investor’s Perspective
Risk of Value Decrease of BCP: Market conversion rate of BCP may change significantly between the time
of the user’s instructions and the time of conversion. Hence, there is a risk of untimely execution.
Operator Counterparty Risk: As all functions of the Operators are not yet regulated, no self-regulating
schemes exists and market prices remain volatile (see above), there is an increased operator (counter-
party) risk. In particular, an operator would not be in the position to execute a transaction due to organiza-
tional, financial and/or regulatory restraints.
Risk of Alternative (Hard-Forked) Underlying Technologies: Alternative underlying technologies that uses
the same open-source code and open-source protocol as the BCP could be established. The official un-
derlying technology may compete with these alternative networks, which could potentially negatively im-
pact the value of the BCP.
Summarized Assessment Result
The final stage of a BCP assessment combines the BCP Class, which considers technical aspects, value
and the presence of counterparties, together with the BCP Risk Category, based on security, legal and mar-
ket considerations. The resulting BCP rating is therefore derived from a standard and holistic assessment
of the BCP that aims to provide visibility to regulators and protection to investors, ultimately leading to
higher trust and adoption of blockchain technologies.
BCP Class 1-3 Risk Category A-E BCP
16
Annex 1: Regulatory Qualification in Switzerland
FINMA ICO Guidelines of February 16, 2018
The Swiss Financial Market Supervisory Authority FINMA has published guidelines (“Guidelines”), dated
February 16, 2018, setting out how it intends to apply financial market legislations in handling enquiries
regarding the applicable regulatory framework for initial coin offerings (“ICO”). The Guidelines complement
FINMA’s earlier Guidance 04/2017, published on September 29, 2017.
By issuing the Guidelines, FINMA takes an important step forward to further clarify the applicability of the
current legal and regulatory framework related to the organisation of ICOs or Token Generating Events
(“TGE”) in Switzerland. In doing so, FINMA becomes the first global regulator to provide detailed and prin-
ciple based rules on how it intends to treat enquiries from ICO organisers.
FINMA’s Guidelines recognise the innovative potential of blockchain technology by creating a positive and
(lightly) regulated environment for this highly dynamic market. By means of this most recent Guideline,
FINMA informs ICO organisers the information that is required in order to submit enquiries, it allows
FINMA to respond more effectively, and of greater importance, it clarifies the principles on which FINMA
will base its response to such enquiries or ruling requests.
Although the Guidelines aim to provide high-level guidance, they also leave a degree of ambiguity in rela-
tion to a number of legal questions. The Guidelines provide a general framework as to how FINMA currently
interprets the regulatory landscape, however in our view, many market participants may nevertheless re-
quire further clarification on the regulatory treatment of their Tokens or ICO, obtained by means of a non-
action letter. Furthermore, the Guidelines do not go into depth the detailed reasoning behind FINMA’s legal
analysis. It therefore remains to be seen to what extent future case law and further regulations will con-
tinue to support FINMA’s approach as the technology and markets matures. Finally, the Guidelines focuses
largely on traditional issuers and investor relationships, they do not take into account aspects of decen-
tralized funding models, community-based projects and open-source software developments.
FINMA distinguishes between Payment Tokens, Utility Tokens and Asset Tokens:
(1) FINMA Payment Tokens
Payment tokens (synonymous with cryptocurrencies) are tokens which are intended to be used, now or in
the future, as a means of payment for acquiring goods or services or as a means of money or value transfer.
Cryptocurrencies give rise to no claims on their issuer.
(2) FINMA Utility Tokens
Utility tokens are tokens which are intended to provide access digitally to an application or service by
means of a blockchain-based infrastructure.
(3) FINMA Asset Tokens
Asset tokens represent assets such as a debt or equity claim on the issuer. Asset tokens promise, for ex-
ample, a share in future company earnings or future capital flows. In terms of their economic function,
therefore, these tokens are analogous to equities, bonds or derivatives. Tokens which enable physical as-
sets to be traded on the blockchain also fall into this category.
17
Relationship between BCP and FINMA Classification
FINMA remains more or less in line with frameworks discussed by leading practitioners, including the cur-
rent Blockchain Crypto Property Classification model (“BCP”) at hand, however in a simplified version by
grouping all token forms into three categories without any sub-categories. Both the BCP and FINMA mod-
els are based on the functionality of specific Tokens. However, FINMA points out that the individual token
classifications are not mutually exclusive and hybrid Tokens are possible. The absence of a precise clas-
sification leads to some degree of legal uncertainty in practice. Moreover, the qualification of Tokens for
decentralized, open-sourced and community-based projects, which do not need a centralized issuer,
seems to be out of scope in the FINMA model.
The aim of the Blockchain Crypto Property Classification 2.0, which is based on 3 BCP Classes and 12 BCP
Sub-Classes, is to enhance the existing framework for Token classification approach and complement the
high-level FINMA model in order to simplify the legal, risk and regulatory evaluation.
Taxation
Taxation issues have – rightfully – not been addressed by FINMA as part of the by Guidelines. Nevertheless,
while regulatory discussions are of highest relevance, taxation question are vital to the same extent. Luck-
ily, the Swiss tax system is generally very beneficial for corporate structures, offering effective income tax
rates between 8 – 24%, depending on business activity and location.
Blockchain-based crowdfunding, however, is still in its infancy in Switzerland. Although the individual
forms of funding are essentially nothing new under civil law, many uncertainties remain under tax law. The
difficulty of crowdfunding is that the tax implications differ widely, depending on the form it takes. While
for equity and debt-based structures, transactional taxes like stamp duties and withholding taxes are of
major relevance, income tax exemption or gift tax must be considered for donation-based models. In ad-
dition, reward-based crowdfunding could be subject to VAT. Moreover, countless combinations (including
profit participating loans, reclassification of debt as equity, mixed donations, and so forth) and cross-bor-
der issues are possible, which further complicates matters.
Therefore, no general comments about specific tax consequences of ICOs can be made. Only a case by
case analysis may identify the exact circumstances and particularities of a specific project. Furthermore,
this would enable the tax implications to be discussed with the relevant authorities ahead of time, in order
to avoid any unpleasant surprises down the road that could jeopardise the very existence of the project.
However, the Swiss tax authorities are generally very progressive with regard to blockchain-based tech-
nologies such as cryptocurrencies, tokens and ICOs. Responding to the formal request of some Swiss
bitcoin organizations in 2015, the Swiss Federal Tax Administration (SFTA) confirmed that for the purpose
of Swiss VAT it would treat Bitcoin the same way as the Swiss Franc or other FIAT currencies, i.e. trading in
Bitcoins is neither a delivery, nor a service, but rather a means of payment and as a result, not subject to
VAT. Recently, the SFTA has mentioned orally that all BCP Class 1 Tokens (i.e. tokens with no claim towards
a legal counterparty) would receive the same VAT treatment.
In addition, the SFTA has published an "official" exchange rate for Bitcoin since December 31, 2015. This
exchange rate is a recommendation to the cantonal tax authorities for net wealth tax purposes. In 2017,
the SFTA added nine additional cryptocurrencies - Ethereum, Ripple, Bitcoin Cash, Litecoin, Cardano, NEM,
Stellar, IOTA and TRON - to their exchange list, which is unprecedented in the rest of Europe or the US.
18
Regulatory Implications of BCP Classification in Switzerland Primary Market
BCP Class 1 - Native Utility Tokens 2 - Counterparty Tokens 3 - Ownership Tokens
No legal counterparty (decentralized ecosystem) Natural/legal person as counterparty (relative right) Right in rem (absolute right)
BCP Sub-
Class
Basic
Tokens
Infra-
structure
Access
Tokens
Application
Access
Tokens
Application
Settlement
Tokens
IOU Tokens Derivative
Tokens Fund Tokens
Equity
Tokens
Membership
Tokens
Joint-
Ownership
Tokens
Co-
Ownership
Tokens
Sole-
Ownership
Tokens
FINMA
Equivalent
Payment
Tokens Payment and/or Utility Tokens
Payment,
Utility and/or
Asset Token
Asset Tokens n/a n/a
Pri
ma
ry M
ark
et
dir
ec
t a
nd
ce
ntr
ali
ze
d i
ss
ua
nc
e v
ia T
GE
/IC
O
Swiss license requirement for direct primary market issuance (TGE/ICO) of Tokens?
No
Only if issuer
qualifies as
derivative
house
No
Anti-money-laundering provisions: Self-regulatory-organisation (SRO) membership or a directly subordinated financial intermediaries (DSFIs) approval required?
Mandatory, if issuer carries out a professional activity as a financial intermedi-
ary and if either (1) Token qualifies as means of payment for acquiring goods
and services or means of money or value transfer or (2) if the main reason of the
Token is to provide access rights to a financial application
In general, not applicable
Regulatory prospectus required and to be approved by FINMA?
No
If qualified as
structured
product
Yes In general, no
Civil law prospectus required (without regulatory approval)?
No
If qualified
as bond
obligation
(incl. convert-
ible and war-
rant bonds)
Depends on
specific case Yes In general, no
Taxation of primary market issuance?
Contributions / sales price might be subject to business profit tax;
tax-neutral if contributed to the committed assets of a foundation or if corresponding liability must be booked;
value added tax (VAT) depending on circumstances
Stamp duty of
1% if
> CHF 1 Mio.
Tax-neutral if
association
membership
Sales price might be subject to business profit
tax; value added tax (VAT) of 7.7%
depending on associated asset
19
Regulatory Implications of BCP Classification in Switzerland Secondary Market
BCP Class 1 - Native Utility Tokens 2 - Counterparty Tokens 3 - Ownership Tokens
No legal counterparty (decentralized ecosystem) Natural/legal person as counterparty (relative right) Right in rem (absolute right)
BCP Sub-
Class
Basic
Tokens
Infra-
structure
Access
Tokens
Application
Access
Tokens
Application
Settlement
Tokens
IOU Tokens Derivative
Tokens Fund Tokens
Equity
Tokens
Membership
Tokens
Joint-
Ownership
Tokens
Co-
Ownership
Tokens
Sole-
Ownership
Tokens
FINMA
Equivalent
Payment
Tokens Payment and/or Utility Tokens
Payment,
Utility and/or
Asset Token
Asset Tokens n/a n/a
Se
co
nd
ary
Ma
rke
t
Inte
rme
dia
ted
tra
ns
fer
Swiss regulatory license requirement for Swiss-based exchanges trading Functional Tokens?
In general, no (BCP Class 1 refers to Tokens with no
relative right against a legal counterparty)
Depends on
specific case
In general, yes (if: (1) relative right, (2) suitable for mass trading,
and (3) fulfilling formal requirements of uncertificated
security)
Depends on specific case
Swiss regulatory license requirement for Swiss-based exchanges trading BCP Voucher Tokens or Pre-Functional Tokens?
Depends on specific case (possible, if: (1) relative right, (2) suitable for mass trading, and (3) fulfilling formal requirements of uncertificated security)
Anti-money-laundering provisions: self-regulatory-organisation (SRO) membership or a directly subordinated financial intermediaries (DSFIs) approval for exchange required?
Yes If qualified as "money" according to the
Swiss Anti Money Laundering Act
Depends on
specific case In general, yes In general, no
Taxation of secondary market trading (perspective of a professional trader as seller)?
Capital gain might be subject to business profit tax;
in general, no value added tax (VAT)
Capital gain might be subject to business profit tax;
stamp duty of 1,5 or 3,0 ‰ might be applicable if taxable secu-
rities are traded via a Swiss securities dealer;
value added tax (VAT) depending on underlying relative right
n/a
Capital gain might be subject to business
profit tax; value added tax (VAT) of 7.7%
depending on associated asset
Taxation of secondary market trading (perspective of a private person as seller)?
Tax-free capital gain
Tax-free capital gain;
stamp duty of 1,5 or 3,0 ‰ only applicable if taxable securities
are traded via a Swiss securities dealer;
n/a Tax-free capital gain
20
Annex 2: BCP Classification & Assessment of BTC
BC
P E
va
luati
on
Token Evaluation
Bitcoin (BTC)
Me
as
ure
s
req
uir
ed
Underlying BCP Protocol
Protocol Name Bitcoin Blockchain
Direct / Multilayer Token Direct Direct = independent BC
Multilayer = based on diff. BC
Launch January 2009
BC Characteristics public & permissionless public & permissionless
Timestamping Proof of Work (fixed, halving) Proof of work / stake / hybrid
Hash Algorithm SHA256d scrypt / SHA / others
Avg. Amount of (full) Nodes 9243 min. 500
Multisig Wallets Yes
Possibility of Tx Analysis Yes
Unit Cap 21M
Hard Fork History Hard forked in July 2017 (BTC – BCH) and October 2017 (BTC – BTG)
IP rights Open-source
Market Capitalisation & Distribution
Market Cap $ 189'841'099'840 (04.03.18) min. USD 100 Mio.
Exchange Listings Most major (20+) min. 1 major
Price High/Low (180d) $ 19'486 (17.12.17) / $ 3'424 (15.09.17)
In relation to BTC 1
Historical Volatility (180d) 6.68% (per 04.03.18)
In relation to BTC 1
Price High/Low (30d) $ 11'957 (20.02.18) / $ 6'149 (06.02.18)
In relation to BTC 1
Historical Volatility (30d) 6.91% (per 04.03.18)
In relation to BTC 1
Trading Volume High/Low
(180d) $ 23.5B (06.01.18) / $ 0.8B (25.09.18)
In relation to BTC 1
Trading Volume High/Low
(30d) $ 14.1B (06.02.18) / $ 5.7B (25.02.18)
In relation to BTC 1
Market Cap High/Low (180d) $ 326.3B (17.12.17) / $ 56.7B (15.09.17)
21
BC
P R
isk A
ssess
me
nt
Risk Assessment
Me
as
ure
s r
eq
uir
ed Full Source Code Screening Required?
No Sufficient Market Experience with Token
General BCP 1 Risk* Specific Risks (Deviation from General Risks)
*Risk Definitions based on the separate “BCP Risk Assessment (BCP RA)”
Risk Categories: 1 (very low risk) - 5 (very high risk)
Functionality & Protocol Risks (“Underlying Technology”)
Risk of security weaknesses
of the Underlying Technol-
ogy:
Long history of stability and functionality
Risk Extent 3
Risk Probability 1
Net Risk 2
Risk of weaknesses of the
used cryptography:
SHA256 expected to remain secure
ECDSA may be vulnerable to quantum computing attacks
Risk Extent 3
Risk Probability 2
Net Risk 2.5
In relation to BTC 1
Market Cap High/Low (30d) $ 201.8B (20.02.18) / $ 102.9B (06.02.18)
In relation to BTC 1
pre-sale, pre-allocation, com-
munity allocation Decentralised non-TGE-distribution
Price finding mechanism,
contribution cap Decentralised non-TGE-distribution
issuing legal structure Decentralised non-TGE-distribution
AML, contributor suitability
compliance Decentralised non-TGE-distribution
Cross-border offering Decentralised non-TGE-distribution
After TGE governance Decentralised non-TGE-distribution
Distribution control Decentralised non-TGE-distribution
SCS/code audit Decentralised
Registration Function & Underlying Assets
Registration Function BCP account entry
Underlying Assets (“Colored
Coin”) None
Target Use
Medium of exchange, unit of account and store of value
Means of payment (transaction fees) on Bitcoin blockchain
BCP Classification
BCP Class 1
Sub-Class Basic Token
22
Risk of Underlying Technol-
ogy attacks:
Long history of stability and functionality
Risk Extent 3
Risk Probability 1
Net Risk 2
Risk of blockchain consen-
sus attacks
very stable PoW consensus mechanism
regional centralisation of mining in certain countries
Risk Extent 3
Risk Probability 1
Net Risk 2
Storage & Access of Private Key (“PIK”) Risks
Wallet System Risk:
No deviation from general BCP 1 risk
Risk Extent 3
Risk Probability 2
Net Risk 2.5
Cyber Security Risk
No deviation from general BCP 1 risk
Risk Extent 3
Risk Probability 2
Net Risk 2.5
Risk of insufficient User
wallet encryption:
No deviation from general BCP 1 risk
Risk Extent 3
Risk Probability 2
Net Risk 2.5
Risk of insufficient User
wallet backups
No deviation from general BCP 1 risk
Risk Extent 3
Risk Probability 2
Net Risk 2.5
Risk of insufficient contin-
gency tools
No deviation from general BCP 1 risk
Risk Extent 2
Risk Probability 2
Net Risk 2
Regulation and Money Laundering Risks
Regulation-Related Risks
No deviation from general BCP 1 risk
Risk Extent 2
Risk Probability 2
Net Risk 2
Market-Related and Counterparty Risks
General Market Risks No deviation from general BCP 1 risk
Risk Extent 2
23
Risk Probability 2
Net Risk 2
Risk of Value Decrease of
BCP
No deviation from general BCP 1 risk
Risk Extent 2
Risk Probability 2
Net Risk 2
Operator Counterparty Risk
No deviation from general BCP 1 risk
Risk Extent 2
Risk Probability 2
Net Risk 2
Risk of alternative (hard-
forked) Underlying Technol-
ogies
Hard forked in July 2017, SegWit2x fork planned
Risk Extent 2
Risk Probability 3
Net Risk 2.5
BCP General Risk Score
Risk: Net Risk Weighting (1 - 3) Weighted Risk
Functionality & Protocol Risks
(“Underlying Technology”) 2.125 3 6.375
Storage & Access of Private Key
(“PIK”) Risks 2.4 2 4.8
Regulation and Money Laundering
(ML) Risks 2 1 2
Market related risks and counter-
party Risks 2.125 2 4.25
17.425
Risk Score A:
<18.5
Risk Score B:
18.5<=X< 20.5
Risk Score C:
20.5<= X<22
Risk Score D:
>= 22
Risk Category: A
Overall BCP Classification & Rating
Bitcoin BTC
BCP Class 1
Sub-Class Basic Token
Risk Category A
BCP 1 A
24
Your Contacts
Dr. Luka Müller
Legal Partner
+41 44 254 99 66
Dr. Andreas Glarner
Legal Partner
+41 41 726 99 66
Thomas Linder
Tax Partner
+41 44 254 99 66
Stephan D. Meyer
Research Associate
+41 41 726 99 66
Prof. Dr. Andreas Furrer
Legal Partner
+41 41 726 99 66
Chris Gschwend
Senior Compliance Advisor
+41 41 726 99 66
Peter Henschel
Managing Director Compliance
+41 44 254 99 66
MME is an innovative, cutting edge consulting firm for all of your legal, tax, and compliance needs. Our crypto, blockchain and
fintech clients range from established international institutions to some of the world's most innovative start-ups with the
potential to become market disrupters. MME is a member of World IT Lawyers (www.worlditlawyers.com) and founding mem-
ber of the Digital Finance Compliance Association (http://en.dfca.ch/) as well as the Crypto Valley Association (https://crypto-
valley.swiss/).
Office Zurich
Zollstrasse 62 | P.O. Box 1412 | CH-8032 Zurich
T +41 44 254 99 66 | F +41 44 254 99 60
Office Zug
Gubelstrasse 11 | P.O. Box 613 | CH-6301 Zug
T +41 41 726 99 66 | F +41 41 726 99 60
www.mme.ch